1. Field of the Invention
The present invention relates generally to communications sent over a communication network, and more particularly, to a system and method for controlling the reception of communications from various entities having access to the network.
2. Description of the Related Art
Electronic mail ("e-mail") has become increasingly popular as a form of communication in today's society. This is true at least in part due to the popularity of the Internet. Users of e-mail may be referred to as "users". The user is generally referred to as a "recipient" when receiving e-mail and as a "sender" when sending e-mail to a recipient. The term "correspondent" may be used to refer to a person or persons who are sending e-mail to, or receiving e-mail from, the user in question.
To send e-mail over a communications network, a user must address an e-mail message to an intended recipient. For example, referring to FIG. 1A, a conventional e-mail address as used on the Internet is illustrated. The address usually has two parts, the user name 100 (also referred to as the "mailbox name") and the host (or domain) name 102. These two parts are part of a hierarchy of names; that is, the domain name 102 is of a higher level than the user name 100. The user name 100 may be described as the lowest-level name in the hierarchy. Typically, the user name 100 and the host name 102 may be separated by an "at" sign, "@", 104. To send e-mail over the Internet, the user addresses the e-mail message by placing the intended recipients' addresses in the "To" line (or field) of the message as is well know in the art. In addition, a user may "carbon copy" or "cc" (or "Cc") yet another intended recipient of the e-mail message by placing that recipient's address in the cc line (or field) as is also well known in the art. There is also typically a "from" line (or field) indicating who sent the message. All of these items together with other lines such as subject, date, etc., form what is known as a "header" of the e-mail message. Other options, also well known in the art, are available for various ways to address intended recipients of Internet e-mail. Analogous methods exist for addressing e-mail over other networks.
Unfortunately, as with other forms of communication, for example regular mail and facsimile, users of e-mail may receive a quantity of unwanted or "junk" mail. This may be in the form of "telemarketing" type e-mail (for example an advertisement or a survey). While this may only rise to the level of a mere nuisance or annoyance, in some situations, unwanted e-mail may actually rise to the level of harassment. For example, the user may receive unwanted offensive or obscene e-mail. A malicious e-mail sender could also possibly send "hate mail".
This type of activity, in some circumstances, may as a practical matter render the user's e-mail capabilities useless. For example, if a malicious e-mail sender barraged the e-mail user's mail box with a multitude of messages that the user would have to review, any wanted, or "non-junk" mail would be buried in a large amount of useless junk e-mail. The malicious e-mail sender could also send messages that were known to offend the recipient so that the recipient would not want to review any of the messages received, including legitimate messages.
The commercialization of the Internet further threatens the usefulness of e-mail. Today, it is easier than in the past to collect address lists and inexpensive to mass-distribute messages. Every time a user sends a message to a public newsgroup or list, fills out a web form, or mails in a product registration card, the server inexpensively obtains an e-mail address and typically some indication of the user's interests. This information can then be sold to marketing firms who can easily automate unsolicited mass e-mailings of advertisements, surveys, and other annoyances that may cost the user connect time and, possibly worse, valuable attention span.
It would be desirable to be capable of restricting the receipt of unwanted e-mail and other types of messages sent over a network. In addition, when unwanted e-mail (or messages) is received, it would be beneficial to be able to determine in what manner the sender of the unwanted e-mail obtained the user's address.
One way to restrict unwanted e-mail is for the user to limit who he gives his e-mail address to. This is analogous to having an unlisted telephone number. Alternatively, a user might maintain multiple e-mail accounts, using different accounts for different purposes, such as one address for business purposes and another address for personal purposes. This "unlisted address" approach may be expensive and slow to recover from security breaches. For example, if an address that was supposed to be kept secret is leaked to a malicious e-mail sender (also referred to as an "adversary"), the "secret" address is no longer secret. The only way to stop this leak may be to pay a fee to the service provider to change the address. This may be a lengthy process and, once the address is changed, the user must attempt to notify all legitimate correspondents of the change while keeping it from the adversary.
Another approach to solving these problems is through the use of "kill files". This is accomplished by simply discarding all messages from a predetermined user, site, or even domain. Killing a site or domain prohibits messages from all of its users, even though only a subset may be undesirable. Undesirables can have other accounts with completely different addresses, or may forge messages in order to evade simple address checks such as these.
In addition to kill files, another prior art approach is to use an e-mail filter to discard undesired messages. This would include messages that do not satisfy user-defined criteria. A filter works by searching for syntactic patterns and eliminating (or filtering) messages that match. However, it is extremely difficult to define syntactic rules that can reliably distinguish advertisements and surveys from legitimate messages. For example, if the following message were received from an individual, a filter may assume that it is a legitimate question from a friend and fail to filter it out:
"Dear Bob, I have difficulty using software package X. It never seems to run in a multitasking environment| Isn't this frustrating? Do you have the same problem? Maybe you should check out software package Y which will eliminate the problem. Talk to you soon, John"
This message, upon an initial review, appears to be a legitimate question and suggestion sent to "Bob". This could also represent a ploy by "John" to advertise a software package Y. It would be extremely difficult to write an e-mail filter that discards this message but lets through legitimate messages.
Another prior art method of restricting access to e-mail is cryptographic authentication. With this method, access is controlled by requiring all messages to be digitally signed by an authorized correspondent. A cryptographic filter would discard any unsigned or unauthorized messages. This approach may provide protection against unauthorized messages. However, even though software packages exist to do the cryptographic operations necessary (for example PGP "pretty good privacy"! available over the Internet from the Massachusetts Institute of Technology see the World Wide Web Page located at http://web.mit.edu/network/pgp.html! or products that comply with S/MIME, which is a specification for secure e-mail information about S/MIME may be obtained on the World Wide Web page "S/MIME Central" at http://www.rsa.com/rsa/S-MIME/!), reliably obtaining a public key of a correspondent is still problematic in that the public key transfer itself must also be digitally signed, which requires reliably knowing the signing key for that message. In addition, this method does not solve the problem of allowing messages from previously unknown correspondents, such as messages received from mailing lists. If the user wishes to be able to receive such messages, he must publish a single address. Even if a message to that address is digitally signed with a certified key, there is no guarantee that the message is not junk.
Yet another alternative is to accumulate a list of individuals who send junk e-mail, but adversaries may be able to evade this mechanism by registering several addresses and keys, or by having a different employee send each message.
There are also existing methods of augmenting the user name portion of an e-mail address. For example, the Andrew Message System, as described in Nathaniel S. Borenstein and Chris A. Thyberg, Power, ease of use and cooperative work in a practical multimedia message system, International Journal of Man-Machine Studies, Volume 34, Number 2, pages 229-259, February 1991, uses addresses of the form "user+info@host". Each user may write code in the Andrew Message System FLAMES language to process messages based on the content of the "info" field. For example, "urgent" may be placed in the info field indicating that incoming messages are urgent. With this system, it is up to the good will of the correspondent to not purposefully mischaracterize messages, for example by sending junk mail while using "urgent" in the "info" field. The "info" field is typically well-known, predictable or easily guessable.
Therefore, there is a need for an effective way of preventing undesirable e-mail and other network communications or messages. There is also a need for the ability to trace unwanted or undesirable e-mail (and communications or messages).